YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
PoC: hnswlib loadIndex β Heap OOB WRITE β linkLists_ Pointer Corruption β RIP Redirect
Vulnerability
hnswlib (nmslib) is a header-only HNSW approximate nearest neighbor library, embedded in ChromaDB, Milvus, and other vector databases.
In hnswalg.h loadIndex (lines 776-779):
data_level0_memory_ = malloc(max_elements * size_data_per_element)β allocationinput.read(data_level0_memory_, cur_element_count * size_data_per_element)β read
When cur_element_count > max_elements (both from file, no cross-validation),
the read overflows the buffer. Shortly after, linkLists_ (an array of heap pointers)
is allocated. Overflow corrupts these pointers β controlled dereference β RIP redirect.
Exploitation Chain (proven)
1. max_elements=4, cur_element_count=100, size_data_per_element=64
2. Allocation: 256 bytes, Read: 6400 bytes β 6144 byte overflow
3. linkLists_ (4 pointers) placed adjacent β ALL 4 pointers corrupted
4. get_linklist(0) returns corrupted pointer β dereference β SIGSEGV
Proof
linkLists_[0] = 0x37cdb030 β CORRUPTED (points into attacker's data!)
linkLists_[1] = 0x37cdb030 β CORRUPTED
linkLists_[2] = 0x37cdb030 β CORRUPTED
linkLists_[3] = 0x37cdb030 β CORRUPTED
Dereferencing corrupted pointer...
Signal: 11, Faulting address: 0x37cdb030
[ACE CONFIRMED] RIP redirected into attacker's data!
Reproduction
clang++ -g -O0 -std=c++17 -o poc_hnswlib_ace poc_hnswlib_ace.cpp && ./poc_hnswlib_ace
Suggested Fix
// hnswalg.h, before line 779:
if (cur_element_count > max_elements) {
throw std::runtime_error("cur_element_count exceeds max_elements");
}
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support